Security Programs • Room 2

Risk Prioritization

Not all threats are equal because not all assets are equal. The engineer must work with the business to assign appropriate priorities.

If a vulnerability scanner identifies a critical flaw, but it's on an isolated test server, the risk is vastly different than if it were on the primary e-commerce web server.

Knowledge Check

Prove your understanding to clear the room (Rewards XP)

Drag items to their correct zone (or tap item then tap zone on mobile)

Primary Domain Controller

Public-facing E-Commerce Server

Internal Employee Workstation

Isolated QA Testing Database

Critical Priority

High Priority

Medium Priority

Low Priority